Thank you Rob, and thanks to all of you for your attention tonight. I think
our local hosts probably would have hoped to have a baseball game to watch
tonight, but it’s probably a good thing you don’t because now you
don’t have to feel that I’m keeping you from something that might
be more interesting.

As the title of the talk indicates, I want to focus on privacy issues that
have arisen in the last year since September 11th. These are the issues that my
organization has really focused most of our attention on in the last year, but
I think it’s also important to understand that the issues that have arisen
since September 11th in some ways really crystallize alot of the privacy issues
and data management issues that we’ve seen for many years leading up to
this period. So, although I’m focusing on the effect of the war on terrorism on
information management and privacy issues, I think a lot of the themes that run
through this were applicable before September 11th in other areas, and are
likely to continue to be increasingly important. And I think the basic theme is
that as more and more information becomes available, becomes accessible, there
are more and more entities and individuals who are going to seek access to that
information. And for that reason, the creators and the maintainers of the
information increasingly are going to have less and less control over how that
information is used who gets access to it. And I think that reality really is
increasingly going to dictate decisions about what kinds of information to
maintain, and how to deal with the increasing demands from outside third
parties for that information. You know, whether it’s the increasing interest in
electronic records in divorce cases, or law enforcement access to EZ Pass Toll
records on the east coast there are just so many new categories of information
that are being created that anyone dealing with the maintenance of this
information needs to really think through who at some point in the future might
find this information valuable, and what are going to be the rules that are
going to govern that third party access to this information. But as I say, I
think the events of the last year have really crystallized these issues in a
very dramatic way.

Projected visual:

“Terror probe reaches 220
U.S. colleges and universities
have turned over information about their international students… The
issue has raised concerns with student organizations, civil libertarians
and universities handing over the data.”
CNN.com, October 25, 2001

It was just about a year ago that we very first started seeing the immediate
impact of September 11, and the ensuing investigation on college campuses. Here
is one representative news article that appeared a year ago indicating that
there has suddenly been a real explosion in governmental investigative interest
in records that were maintained by colleges and universities. This article
indicated that already, by last October, just a little more than a month after
the events of September 11, that already 220
U.S. colleges had turned over
information to the Government concerning foreign students. Now, this is
important to know that this development and this degree of activity occurred
even before the Patriot Act was signed into law. It’s interesting that this
article was dated October 25. The Patriot Act didn’t become law until the next
day, October 26. So, already even before the Government had gotten the expanded
powers to demand information, which I’m going to talk about in a minute,
already this was an existing phenomenon.

The Patriot Act was, as most of you probably know, enacted very quickly. It
is a massive piece of legislation that affects a broad range of
U.S.
law above
and beyond just the information access issues that I’m going to be talking
about. But I think that in many ways if you remember the very abbreviated
legislative debate that surrounded the Patriot Act, many of the issues that I’m
going to talk about were not in any real way thought through very clearly. I
think there was very much a sense in Congress that something legislatively
needed to be done, and there was a great deal of pressure placed on Congress by
the Administration to enact this legislation which in many ways was really a
law enforcement and intelligence community wish list in terms of collecting the
largest amount of information possible. Those of us, who were critical of the
Patriot Act, at the time, raised the question that it was really a solution to
a problem that had not yet been clearly identified. Many of us said, for
instance, that although the emphasis of the Patriot Act was on increasing the
flow of information into governmental investigative agencies, that there was
not at that time any clear understanding of how well the information that these
agencies already possessed had been processed and analyzed. And in fact many of
us believed that it was more likely that the problem that agencies like the
FBI
and the
CIA
had prior to September 11, was that now as a result of new
information technology, they were already receiving so much information that
basically the important pieces of data were being lost in this flood of what
was now available largely as a result of the technology. And I think, looking
back at what we have learned in the last year, and particularly as a result of
the ongoing joint Congressional investigation into the events leading up to
September 11th, I think that has largely been borne out. I mean we have now
seen many examples of these agencies having in their possession or at least in
some database or in some channel, pieces of important information that were
really just lost in the floods. So, I think there remains a very real question
as to how effective ultimately these changes which are designed to increase the
flow of information to the government, how effective these new powers are
really likely to be.

But the three important things at a very basic level that I think it’s
important to understand about the Patriot Act are these three points: first,
that it expands government’s surveillance power. And this is done in a number
of ways, whether it’s expanded electronic surveillance or increased access to
records, the ability to conduct physical searches without notice, to the owner
of the premises being searched. I mean this is a theme that runs through many
aspects of the Patriot Act. Another related characteristic is that the Patriot
Act limits the role of the courts in supervising and authorizing the
surveillance activities. Where traditionally we have thought of the courts as
the check and balance in this area, the Patriot Act really diminishes the
protective role that the courts have traditionally played. And finally this is
a theme that we’re hearing a lot of discussion of now in Washington as the
congressional committee investigation continues, and new proposals are being
made to fix the problems. There’s this trend toward blurring the distinction
that we traditionally made between law enforcement information collection and
intelligence information collection. And it’s an important distinction because
of course on the law enforcement side there have always been requirements of
probable cause for instance before a search warrant could be issued; where as
on the intelligence side “
CIA
information collection, or National Security Agency information
collection “ for national security purposes there are not those same
legal hurdles that need to be met. And really ever since at least the end of
World War II, this has always been a very clear distinction in our legal system
between these two kinds of government investigation, to the point where in the
late 40’s when the
CIA
was created Congress explicitly said in the National
Security Act that the CIA
was to have no domestic police function to make clear
that that wall between law enforcement and intelligence gathering was supposed
to be very strictly maintained. That, since September 11th, and particularly in
the Patriot Act has largely fallen away.

Projected visual:

Broad New Subpoena Power

FBI
may obtain an order requiring production of “any tangible things
(including books, records, papers, documents, and other items) for an
investigation to protect against international terrorism or clandestine
intelligence activities.”

Gag Order —
“No person shall disclose to any other person (other than those
persons necessary to produce the tangible things under this section) that the
Federal Bureau of Investigation has sought or obtained tangible things
under this section.”

USA
Patriot Act, Sec. 215

I think the provision of the Patriot Act that has probably received the most
attention in your community and in the Library community and the information
handler community is Section 215. And you see the language of it here: it gives
the
FBI
the ability under a very low threshold showing of need, the ability to
obtain an order for the production of any tangible things including books,
records, papers, documents, etcetera; for investigations to protect against
international terrorism. The breadth of that provision and the ease with which
law enforcement can obtain these orders is really exacerbated by the fact that
there is this other provision, which is referred to as the Gag Order provision,
which prohibits the document custodian or the records custodian who is served
with one of these orders from disclosing that fact. It can’t be disclosed to
the person to whom the information might pertain or to the media or to
colleagues. So, the situation that we’re in now is that we have on the books
this very broad authority and no real way to have any public oversight or any
statistical information on how often and how commonplace this kind of order has
now become. So, I think one of the real concerns right now —
I know it’s true within the library community —
is that an organization like the American Library Association which obviously
has a very keen interest in this issue is not in a
position to even know how much of an impact this provision is having on its
membership. So this is an issue that I think you’re likely to hear more about.
My organization in conjunction with the
ACLU
has submitted a Freedom of Information Act request to the Justice Department to
try to get information on,
even statistical information about how prevalent these kinds of orders are. I
think it’s likely that it’s going to be a real fight to get that information. I
can tell you that the House Judiciary Committee has attempted to get
information on Patriot Act implementation from the Justice Department, and has
encountered a lot of resistance. So, I think there’s going to be an ongoing
controversy over just getting the basic facts as to how much of a problem this
issue really has become.

Could have a significant effect on the privacy rights of large numbers
of innocent users, particularly those who access the Internet through
public facilities such as libraries and university computer labs.

Could result in Carnivore Installations on university networks.

Another provision that I think it’s important to know about is the
so-called “roving wire tap” authority. And this gives the
Government the ability to get what the Justice Department itself has described
as a generic court order that doesn’t need to specify who it is being
served on so that if for instance there is an investigative interest in a
particular individual, before this provision became law the court order would
need to be directed to America Online, or to Arizona State
University — to some specified entity. Now that the roving wiretap
provision is in effect, that line that used to say
“To” — fill in the entity — is now blank, and
would now say “To whoever this is being presented to,” —
“To whom it may concern.” So, this also raises some very
significant issues particularly, I believe, in a university setting
where — Do you have a question? No problem.

[Question unintelligible]

Yes. I should explain that all of the orders or the great majority of the
kinds of orders that flow out of the Patriot Act are issued by the Foreign
Intelligence Surveillance Court, which is a secret court that sits in
Washington. The Justice Department is the only party that appears before the
Foreign Intelligence Surveillance Court, and these so-called ex parte
orders indicating that it was only the government involved in making the
application and that there was no adversarial process that gave rise to the
order. That is what comes out of the Foreign Intelligence Surveillance Court
process.

[Question unintelligible]

Yes, and it’s interesting that you raise that question because we are
now actually seeing for the first time since this regime was created in 1978,
we’re starting to see — well, we’re starting to know
that that process is playing itself out. I won’t go into too much detail
on this because it veers me a little bit away from the topic that I’m
primarily focusing on, but it’s interesting to know that within the last
few months the Foreign Intelligence Surveillance Court rejected a Justice
Department proposal for new procedures governing the handling of foreign
intelligence surveillance information. In other words, the take of the day, the
intelligence being gathered through these orders, the Justice Department would
like to disseminate more widely throughout the government. The Foreign
Intelligence Surveillance Court rejected those new proposed guidelines, and did
so for the first time in its history in a public order. The Justice Department
in response has filed an appeal with the Foreign Intelligence Surveillance
Court of Review, which up until the last two months had existed on paper only,
and had never actually convened. But now, because this is the first time in
which the Justice Department has actually lost a case in front of the lower
surveillance court this new court of appeals has convened and is now
considering that issue. If the court of review upholds the lower court and the
Justice Department remains unhappy then there would be an appeal to the Supreme
Court. And at that point nobody really, frankly, knows what the procedure is.
It might necessitate for instance for the first time in history a closed
hearing before the Supreme Court. So these are some very interesting and novel
issues that are starting to arise in this whole area, but I guess it does
underscore the fact that this is a closed process and everything that gives
rise to these ex parte orders is really shrouded in secrecy.

So, the order for electronic surveillance issued to a generic recipient I
think has some obvious implications in the university environment. If a student
at a university is an individual of interest to the government I think it’s
very likely that such an order could be served on the university for access to
university’s computer network. Because obviously if a student of interest has
access to a university computer lab the government is going to say, “Well we
need to have monitoring in place on that network so that if that student makes
use of that network we have access to that information.” So —
Are people familiar with what Carnivore is? I’ll just briefly explain it:
Carnivore is
the FBI
Internet surveillance system that is placed on a network to basically capture
the flow of packet data, to basically segregate out the electronic
transmissions that the government is interested in. So, when you couple the
roving wire tap authority with the Carnivore technology I think you then have a
very strong possibility that increasingly university networks are going to be
subject to this kind of full time monitoring so that basically everything all
of the packets flowing through a university system might be subject to
monitoring to capture those packets that the government might unilaterally
decide are relevant to the order. And please do — I understand that
a lot of these concepts are a little strange, so please do feel free to ask
questions as I go along. Yes?

[Question unintelligible]

That’s definitely a problem in the Carnivore methodology, that what
Carnivore will do will capture the packets and then when there is a review done
of what that data is, if the data is encrypted, then the
FBI has —
we know, I mean, this sounds like science fiction, but it
isn’t — the
FBI has
developed something called Magic Lantern, which is a trojan horse or a virus
that can be remotely installed on a target computer that would enable the
capture of an encryption pass phrase. So if by going through the data packet
capture route they find that what they’re obtaining is encrypted, then they
have these other technologies available to them to attempt to capture the
password surreptitiously, which would give them the ability to then go back and
decrypt what they had previously intercepted. So, the capabilities are
substantial.

Projected visual:

Access to Student Records —
FERPA

Amendment to
FERPA
permits schools to disclose —
without the consent or knowledge of the student or parent —
personally identifiable information from the student’s education
records to the Attorney General in response to an ex parte order in
connection with the investigation of terrorism.

Also amends
FERPA’s
record keeping requirements ૼ
does not require a school official to record a disclosure of information
from a student’s record when the school makes that disclosure
pursuant to an ex parte order.

USA
Patriot Act, Sec. 507

I guess the most direct and specific impact for this audience is the fact
that the Patriot Act specifically amends
FERPA
to enable the disclosure of
personally identifiable student information to the Attorney General —
meaning the Justice Department, the
FBI —
again in response to an ex parte order growing
out of a terrorism investigation. And in the gag order equivalent in this
regime: the school would not be required to record the disclosure as it
normally would. So, this provision in effect would begin to interfere with
audit trail procedures and the standard requirements that you would otherwise
have under
FERPA
if there was a disclosure of the information. Yes?

[Question unintelligible]

That’s good to hear. Right. Well, I mean I think that these issues are
now being grappled with — I assume that university general council
are probably as we speak trying to figure out exactly what the obligations are
and what the competing considerations are. I’m not sure how that’s
all going to play out. You all would know this better than I do, but I have
heard that university general counsel tend to be fairly conservative, and if
there was an issue as to whether or not a disclosure would for some
reason — the reporting of a disclosure — would somehow
run afoul of the Patriot Act, my understanding is that most of the university
attorneys would say, “Well, we’re not going to, we’re going
to err on the side of compliance with the Patriot Act.” So, it’s
good to hear that you’ve had that different experience in Idaho. Actually
that reminds me that last year during the Patriot Act debate I was very
surprised to see a very interesting article in the New York Times that
indicated that it was in the West where there seemed to be the most sort of
grass roots opposition to a lot of these changes. So that would bear that
out.

Projected visual:

Access to Student Records —
NCES

Justice Department can now obtain National Center for Education
Statistics
(NCES)
records for terrorism investigations. A court order is
required, but the access standard and procedures are minimal.

USA
Patriot Act, Sec. 508

“After looking at the new law, schools would be acting reasonably
to protect themselves and their students if they decided not to provide
data to NCES
in the future.”

Here’s another Patriot Act amendment that allows the Justice
Department to obtain National Center for Education Statistics records. Again, a
court order is required but as I said, because the role of the courts has been
generally diminished under the Patriot Act for — in most of these
areas it’s really very much a pro forma process of obtaining the court
order. This quote here: “After looking at the new law, schools would be
acting reasonably to protect themselves and their students if they decided not
to provide data to
NCES in the
future.” This is from a very well known privacy expert and consultant in
Washington named Robert Gelman, who recently wrote a piece on this issue and
came to that conclusion.

Projected visual:

Reaffirming Ethical Standards

The Library Bill of Rights affirms the ethical imperative to provide
unrestricted access to information and to guard against impediments to open
inquiry. Article IV states: “Libraries should cooperate with all persons
and groups concerned with resisting abridgement of free expression and free
access to ideas.” When users recognize or fear that their privacy or
confidentiality is compromised, true freedom of inquiry no longer exists.

Adopted June 19, 2002, by the
ALA Council

So those are some representative examples that I think affect you most
directly of the changes that have been made in the Patriot Act. And I think as
a response we’re seeing various sectors who are involved in data handling
issues beginning to, as I put it here, reaffirm their existing ethical
standards. I think the best recent example of that is this reaffirmation or
what they referred to as a privacy interpretation that was recently issued by
the American Library Association. This was obviously and very clearly motivated
by the enactment of the Patriot Act, and the issues that it raises within the
library community. And you see them here reiterating the Library Bill of
Rights, and — the final sentence there: “When users recognize
or fear that their privacy or confidentiality is compromised, true freedom of
inquiry no longer exists.” — and I think that’s
obviously applicable in the university environment as well.

Projected visual:

Fair Information Practices

Limiting the collection and use of personal information for the
purposes intended;

Ensuring data accuracy;

Establishing security safeguards.

So, when we talk about reaffirming ethical standards or beginning to come to
grips with a lot of these issues I think it’s interesting to look back at
something that’s been around for a long time and is really very basic and
that’s the Fair Information Practices. And I think in the face of this
new environment where it is increasingly likely that data creators and data
handlers are likely to have less and less control over that information that
these principles are probably now becoming even more important. And I guess the
first one is really the most fundamental and the most important:
“Limiting the collection and use of personal information for the purposes
intended.” I think there do now have to be serious questions asked about
is particular information really necessary for the desired purpose? To be
honest I don’t know a lot about the kinds of records that all of you are
likely to handle, but I know that there are certainly other examples of this
that I think are very good indications. For instance, I mentioned early on the
EZ Pass toll system that’s very prevalent on the East coast. These are
the systems that allow people just to drive through toll plazas without
actually throwing coins in baskets, but there is an electronic transponder that
will record the fact that the car has gone through and will deduct the toll
from that individuals account. That kind of system can be designed anonymously
and fulfill the function that it’s designed to fulfill, which is paying a
toll. When you throw a quarter in the basket there’s no record of the
fact that that was you in your car, at that time, in that place. So,
traditionally you have toll collection done anonymously without the generation
of these records. Now because of the new technology you’re creating a
record of something that has historically been anonymous. So the question in
that environment arises, “Well, why can’t that system be anonymous?
Why can’t they have machines that you could recharge the value on your
account by placing a $20 bill in the machine?” The point is that if
minimization of the amount of information generated by this kind of system was
a design element when it was being, when the system was being designed, there
are very easy ways to do that. But because that hasn’t been done we are
increasingly seeing law enforcement requests for access to those records for
the purpose of putting a particular person in a particular place at a
particular time. So this is a problem that has been generated by the fact that
the information now exists. I frankly think increasingly it’s likely that
the administrators of the EZ Pass toll systems are going to find themselves
with subpoenas in domestic relations cases. “My husband claims that he
was going to his job. I want to show that he was going to see his
mistress.” So I think it’s a great example of how the fact that
information now exists, sort of creates a new market for that information and
new individuals and entities that suddenly want that information.

There was also a good example of this about a year and a half ago when
during one of the anti-globalization demonstrations in Montreal, apparently a
police car was broken into and a police document was stolen out of the car. The
contents of the document were later posted on a Web site in Seattle that was
maintained by a group called the Independent Media Center. And the way that
this Web site works is that basically anyone — it’s kind of
like a message board — anybody who wants to post something can post
it at this Web site. So once the Royal Canadian Mounted Police saw the contents
of their stolen document on this Web site in Seattle, they obviously were
interested in finding out who might have had access to the Web site during the
period of time that the information was posted. They went to the
FBI. The
FBI served an order
on the Independent Media Center for the logs for the web site, asking to see
the IP addresses of everyone who had accessed that web site during a
designated, I think it was a 48-hour period. The Independent Media Center when
they received this order said to themselves, “Well, we really
hadn’t even thought about the fact that these logs were being generated.
You know, the Web software comes out of the box and this is how it works, and
we never really gave it a lot of thought.” Well, this was a lesson that
they learned, that they didn’t have any operational reason to maintain
these logs, or if they did they certainly didn’t need to maintain them in
perpetuity. And they started to realize that because of the political arena
that they work in that increasingly their Web logs were likely to be of
interest to investigative agencies around the world. So, as a result of that
experience, they changed their practice. They purge the logs, and I think
it’s probably true that in the future they’re less likely to have
that kind of problem. So I think those are two good examples of how in the face
of a likely increase in demands for information some thought can be given to
what you’re generating and how you might be able to minimize it.

These are the rest obviously, the rest of the Fair Information Practices,
which I think all make a lot of sense. They always have, and they obviously
still do. So I would urge people to sort of reacquaint yourself with those
principles.

Projected visual:

Conduct a Privacy Audit

Determine what data are stored that could identify an individual
patron.

Decide how long you actually need to keep the data. If you do need
to keep it for future uses, such as management reports, extract the
particular statistical data that you need and discard the raw data that
contain information on individual users.

Review timetables and procedures for deleting inactive records in
patron files and other files.

Review who in staff has access to the data, and make sure that only
those who must have access.

Here, also coming out of the library community, where obviously
there’s been a lot of thought about all of this, is the suggestion to
conduct a privacy audit. This is something that comes from an article by a
librarian in California, Karen Coyle, in I guess is the current issue of
Library Journal. And again, this is in some ways an expansion on the Fair
Information Practices: “Determine what data are stored that could
identify an individual; Decide how long you actually need to keep the
data.” Then, there’s the suggestion that statistical anonymized
information might serve the same purpose as something that might otherwise be
personally identifiable. Look at “timetables and procedures for deleting
inactive records,” and look at who has access and ensure that they need
to have access. So I think those are all some very good recommendations that
again, could over time minimize some of the problems that are likely to
arise.

Now finally, I have just — and these, my slides, are in your
materials — these are a couple of — or a few —
resources that I think are worth taking a look at.

The first one is some guidance that has been issued by the Department of
Education on the Patriot Act amendments to
FERPA.
Then there is the paper by Jenny Rezmiersky that actually was
pre–September 11th, but probably is now all the more relevant, that
looked in a university setting at how much information on university
networks is in fact being logged kind of as a matter of course without a
lot of thought necessarily being given to it and the issues raised by that
activity. And then the final one: this is a new paper that comes out of the
criminal justice environment. The courts increasingly are starting to ask
themselves how to handle information that they are making available
on-line. Some interesting issues raised, for instance, with bankruptcy
records, which tend to contain a lot of personally identifiable financial
information, and the reason I’m suggesting that is I think it
provides a good framework for looking at privacy issues generally, and
thinking through what appropriate privacy policies are.

So, I think I will stop there, and see if there are any questions or
comments that any of you might have. Yes, sir.

[Question unintelligible]

I think it’s — you know, I think there is a real
conflict, and I think you see it in a lot of different ways. I think there
are certainly good reasons for maintaining records to provide
accountability. You know, an example that my organization has just recently
encountered — and I’m not sure that I know the right
answer to this — is the following: We’ve been very
interested in finding out about the actual operation of this new, very
widespread video surveillance system that has been put in place in
Washington. We would like to know for instance, when there are political
demonstrations in Washington whether there are being records images
maintained of people participating in political rallys. We made a Freedom
of Information Act request to the National Park Service for any images that
they had recorded, I think specifically during the July 4th events in
Washington. They wrote back and said, “Well, we have instituted a
privacy policy that requires us to destroy any such records if there
wasn’t any criminal activity.” In other words, they make the
tapes, and then two days later if they realize that they have no reason for
criminal investigative purposes to look at those tapes they destroy them.
Well, we made a Freedom of Information Act request, which would normally
freeze those records until our entitlement to those images could be somehow
adjudicated. So here we were, a privacy organization that obviously
doesn’t want to encourage the government to maintain pictures of
people ending up in a position where in our attempt to oversee what the
Agency was doing might have in fact interfered with their destruction
plans. So you know, I don’t know that there’s any really good
answer. I think if the minimization of the collection is in place at the
outset, then hopefully you’re not talking about preserving material
that maybe never should have been collected in the first place.

Yes.

[Question unintelligible]

Well, one of the real problems is getting a handle on what setting will
arise in which it can be challenged. There are generally two ways to
challenge a statute: one is when it has been applied against you, in
particular. In the case of the Patriot Act that would probably mean some
terrorism prosecution, which is not the most appealing setting in which to
challenge the constitutionality of the Patriot Act. Whether it’s, you
know, an al-Qaeda suspect who’s been wire tapped under the Patriot
Act, you know, raises the issue. I don’t think anyone in the civil
liberties community really looks forward to that being the setting in which
it’s challenged because, you know, we don’t think we’re
making these constitutional arguments on behalf of al-Qaeda. We’re
making the arguments on behalf of library patrons. So, then the question
is, “Can it be challenged on its face?” Meaning: Without even
being specifically applied to any individual, can the ALA or a university sort
of initiate a generic challenge that says, “This appears to require
us to do things in the future that we think are going to be
problematic.” And I don’t think there’s a very good basis
for such a lawsuit. I mean, typically facial challenges to statues are
raised in First Amendment cases where — you know, the
Communications Decency Act is a good example: it said it made it a crime to
post indecent material on the Internet. So there you can say, “Well,
you know, I have a Web site that deals with fairly racy material. None of
it is obscene, and I’m now chilled in the operation of my Web site
because I’m concerned that if I put the stuff on my site that I
usually put on my site I’m going to be prosecuted.”
That’s sort of a classic facial challenge where you say,
“It’s now inhibiting me from exercising my rights.”
It’s a lot harder to say that with the Patriot Act because the
Patriot Act tends to raise Fourth Amendment–type issues, and those
issues are typically raised in a defense, in a criminal prosecution. So
it’s something that the civil liberties community has been grappling
with for the last year, and I don’t think there’s any great way
to deal with the problem. So I think unfortunately it probably will be in
terrorism prosecution cases that we’re going to start to resolve some
of these issues, which are not, I say, which are not the best facts.

Anyone else? Yes.

[Question unintelligible]

Well, yeah, I mean I think at least before September 11th, you know the
sense was that in the United States, the concern was about the
government — what the government had access to. So, privacy
vis-à-vis the government — that was the biggest concern,
and there was less concern about the private sector, and this would seem to
explain how freely people seem to share information, and — you
know, fill out warranty cards, and for some reason feel like a company
giving them a warranty on a toaster needs to know their annual income and
everything else. So I mean, that phenomenon had been observed for a long
time: that people would freak out about a census form, because that’s
going to the government, but would fill out these warranty cards. And then
the flip side of that was that supposedly in Europe it was the other way
around: that they were very concerned about the private sector, and felt
that the government was their protector, which in fact is really
demonstrated in the EU privacy
directive, which is sort of a very heavy, governmental, regulatory hand on
what the private sector is doing with personal information. So that was
sort of the sense of where things were culturally between the United States
and Europe at least. And then after September 11th, I think a lot of polls
indicated that the concern about the government in the United States really
disappeared at least for a while, and you know, you saw people saying
things like, “I don’t care if the government reads my email if
it protects me against terrorism.” I think that was, you know, a
momentary blip, and that over time we’re likely to get back to the
more traditional American attitude which is a lot of concern about what the
government has access to.

Yes, Rob.

[Question unintelligible]

Yeah, I mean, actually I recently have started to question how useful
the terminology “opt-in” and “opt-out” is. I mean,
I thought that really sort of explained what the differences were until in
the context of wireless privacy issues. This is the whole location privacy,
you know, the fact that suddenly a cell phone is able to generate a
detailed record of where you were at a particular time kind of like the EZ
Pass issue. And the wireless industry has adopted an opt-in approach to
dealing to collecting and using location information. So initially I
thought that was a great thing, and then there were some submissions to the
FCC on that
issue where some of the companies explained what they meant by
“opt-in,” and apparently what some of them meant was that when
a customer initially signed the service agreement there would be a
statement that says, “By entering into this service agreement, I
hereby agree — ‘opt-in’ — to the
company’s use of my location information in a manner that they deem
appropriate.” So at that point I started to realize that those terms
have sort of lost their meaning now, because now you get into the more
difficult sort of questions as to “How is the opting-in going to be
expressed, and does it have to be transaction by transaction?” You
know, my sense of what it means to “opt-in” to the use of
location information on a cell phone would be: You’re talking to
someone on the phone, and they say, “We’d like to recommend a
restaurant nearby close to where you are right now. If you would like us to
do that, press the little ‘find me’ button on your phone, and
then we’ll know where you are, and we can tell you what a good
restaurant is.” I mean, to me that’s what “opt-in”
on the use of location information is, but some of the companies think that
the fact that I have the phone is my “opt-in,” so I think
things are likely to get very complicated in that area.

[Question unintelligible]

Well, I mean, I think the Graham–Bliley notice process has been
totally discredited, and I’m not sure that there’s anyone who
is seriously defending it as a meaningful privacy measure anymore. So, you
know, that’s sort of a great example: we’re talking about
“opt-in” and “opt-out” but that’s sort of a
great example of how the privacy issue can be “co-opted,” I
think. Because everyone starts to say, “Okay, we’ve put in
place this great privacy regime,” and it doesn’t do
anything.

Yes.

[Question unintelligible]

No. I mean, I think that’s the problem with this gag order
scenario, that the universities are prohibited from making that information
known. And I would assume that even in a conference like this, where
typically there would be that kind of exchange of information, if any of
you were directly involved in executing such an order you couldn’t
mention it to any of your colleagues at this conference. So, I just think
that’s a real problem, and I’m not sure how we’re ever
going to get a good handle on that when there’s this new government
investigative power that no one can know anything about. I mean it’s
something that seems very contrary to the way we’re used to doing
things.

Yes.

[Question unintelligible]

Well, I’m hoping that there is going to be a movement in that
direction. I mentioned that the House Judiciary Committee has requested
that kind of statistical information from the Justice Department, and has
been frustrated in getting it. I think that’s likely to result in a
statutory reporting requirement, because we have it in other areas. For
instance, the wiretap statute: Every year results in a very comprehensive
report on the number of wiretap warrants issued not just by the Federal
Government but in all of the States. So there’s certainly a tradition
of at least reporting statistically on these, what everyone recognizes are
very intrusive investigative techniques. So, I think it’s a
possibility.

Well, if those are all the questions I thank you for your attention, and
I’ll — I’m speaking on a panel tomorrow morning on
ethics issues also, and would be glad to talk more to all of you during the
course of the conference. So, thank you very much.